Bulletins d'actualité : Différence entre versions

Version du 1 mars 2018 à 12:21

Classification

TLP:WHITE C0

[webapps] WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI

WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI

[webapps] Apache HertzBeat 1.8.0 - Remote Code Execution

Apache HertzBeat 1.8.0 - Remote Code Execution

[webapps] ePati Antikor NGFW 2.0.1301 - Authentication Bypass

ePati Antikor NGFW 2.0.1301 - Authentication Bypass

[webapps] PJPROJECT 2.16 - Heap Bufferoverflow

PJPROJECT 2.16 - Heap Bufferoverflow

[webapps] Ninja Forms Uploads - Unauthenticated PHP File Upload

Ninja Forms Uploads - Unauthenticated PHP File Upload

[webapps] glances 4.5.2 - command injection

glances 4.5.2 - command injection

[webapps] coreruleset 4.21.0 - Firewall Bypass

coreruleset 4.21.0 - Firewall Bypass

[webapps] Flowise < 3.0.5 - Missing Authentication for Critical Function

Flowise < 3.0.5 - Missing Authentication for Critical Function

[remote] telnetd 2.7 - Buffer Overflow

telnetd 2.7 - Buffer Overflow

[webapps] Ghost CMS 6.19.0 - SQLi

Ghost CMS 6.19.0 - SQLi

[webapps] LuaJIT 2.1.1774638290 - Arbitrary Code Execution

LuaJIT 2.1.1774638290 - Arbitrary Code Execution

[webapps] Bludit CMS 3.18.4 - RCE

Bludit CMS 3.18.4 - RCE

[local] NocoBase 2.0.27 - VM Sandbox Escape

NocoBase 2.0.27 - VM Sandbox Escape

[webapps] ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)

ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)

[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation

Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation

@@ Ligne 15 : / Ligne 15 : @@
 <br>
 <br>
-<rss max=15 highlight="CVE">http://feeds.feedburner.com/feedburner/Talos</rss>
+<rss max=15 highlight="CVE">https://www.exploit-db.com/rss.xml</rss>